Managing risk in the chemicals industry

FW moderates a discussion on risk management in the chemicals industry between Quincy Jones, a senior director at FTI Consulting, Roberta D. Anderson, a partner at K&L Gates LLP, and Fabrice M. Lebourgeois, a managing director at Marsh.

FW: How would you summarise the last 12-18 months for the chemicals industry? What have been some of the dominant trends and how have companies in this sector fared in general?

Jones: The chemical industry is cyclical, with alternating periods of high and low profitability. Peaks normally occur on a seven to 10 year cycle, with recent peaks occurring in 1988-89, 1995, and 2005-07. While there are many factors that contribute to the industry’s cyclical performance, the chief determining factor is arguably the difference in growth rate between product demand and product supply – demand curves tend to be smooth curves, while supply curves are more of a ‘step function’ reflecting the addition of large world scale manufacturing facilities. In the past, profitability between regions like the US, Europe and Asia tracked one another. Although there are specific regional differences on feedstock, utilities and labour, the profitability in one region moved with the profitability in another region. With the birth of unconventional gas in the US, there has been a flurry of new announcements to build petrochemical plants and the US chemical industry has reached a peak in profitability and utilisation. In Europe, profitability appears to be very slowly rising out of a trough, but costs remain high and demand is weak. In Asia there are high production costs, signs of decelerating growth in China, and weak exports to Europe. This contrast in regional profitability has required a multipronged approach for multinationals with an emphasis on restructuring assets –reducing costs, improving energy efficiency, facility rationalisation, increasing vertical integration – in one location and expanding in others.

Anderson: Generally speaking, the last 12-18 months have been challenging for the chemicals industry with growth considerably lower than in 2011, although the 2014 outlook may improve given a strong export demand in Asia, and the dramatic rise in shale oil and gas production in the US.

From the perspective of an insurance coverage attorney who assists chemical industry clients with complex underwriting and risk management issues, one important trend is an apparent shrinkage in insurance market capacity. Insurers appear to be increasingly reluctant to underwrite chemical sector companies for their commercial liability exposures, including products liability exposures. Those insurers willing to underwrite the risks are demanding higher premiums, are requiring their insureds to shoulder larger self insured retentions (SIRs), and are inserting new or broader coverage exclusions. With SIRs and premiums increasing, and exclusions proliferating, some chemical industry clients are left to consider whether, if they are able to purchase appropriate limits, the scope of coverage is worth the premium.

Lebourgeois: Several significant trends are affecting the global chemical industry. First, the slow economic recovery in most countries around the world is leading chemical companies to maintain their cost-reduction efforts and to re-evaluate their investment strategies. Many end-use markets like automotive, construction, and durable goods have production volumes that are still below the 2008 pre-recession levels. Europe continues to be a major challenge for most companies based on the sluggish economic conditions, higher production costs, and the overall regulatory environment. Second, the increased production of shale gas has become a true game changer for the US industry, which is leading to significant investments in the petrochemical industry. To put things in perspective, the cost of shale gas used by the industry as a feedstock and a source of energy, is now three times cheaper in the US than in Europe, and four times than in Asia. This is creating a meaningful advantage for companies operating on US soil. Third, many companies are looking to further optimise their portfolio and several large firms, like Dupont and Dow Chemicals, are in the process of divesting multi-billion dollar businesses, which are viewed as underperforming or non-core. Finally, chemical companies continue to invest heavily in emerging countries, particularly in China, and also on research and development with a special focus on global mega-trends such as renewable energy, food and nutrition, green chemistry, housing and construction, and sustainability.

FW: To what extent are regulators, investors, board members, vendors, customers and other stakeholders demanding better risk management from executives operating in this sector?

Anderson: Regulators, investors, board members, vendors, customers and other stakeholders are increasingly demanding improved internal efforts and safeguards from chemical sector companies and their executives to reduce the chances of negative product impacts and liabilities, and other types of potential operational liabilities and exposures. Such efforts include better safeguards to ensure that a product is reasonably safe and suitable for its intended purpose before the product enters the market, and improved products stewardship to reduce the risk of long or short-term negative impacts on the environment, health, or public safety. Such efforts also include improved disclosures regarding potential side or adverse effects associated with the use of a product and potentially unforeseen or unintended consequences associated with use of the product.

Lebourgeois: Considering the nature of the products and processes, effective risk management at chemical companies is simply expected by all stakeholders – regulators, shareholders, employees, and the public in general. A lot of resources are being spent by the industry on health, safety, and environmental protection. Managing risk is a core business for companies operating in the chemical sector. Everyone is engaged – from the plant operators, HS&E engineers, to the risk manager, the financial executives, and the CEO. Also, we have to remember that the chemical industry is one of the most regulated industries in the world and is subject to local, state, federal, and international regulations, which apply to many aspects of a chemical company’s business from manufacturing and storage, to marketing and disposition. The implementation of Registration, Evaluation, Authorisation and Restriction of Chemicals (REACH) legislation in Europe — a regulation concerning chemicals and their safe use —and now the on-going discussions in the US about the Toxic Substances Control Act (TCSA) reform, are meant to provide more information to the public and to actively regulate the more challenging substances. Complying with these regulations is a significant burden and a constant focus for the chemical industry.

Jones: Rapid changes in energy prices, economic indicators and producer profitability have all reduced the accuracy of chemical forecasts. The chemical industry today is increasingly uncertain and uncertainty breeds risk. In an effort to mitigate risk, executives have had to focus relentlessly on restructuring, portfolio optimisation, cost reduction and multiple scenario forecasting. Stakeholders expect every facet of the business from contractual arrangements, supply chain integration, environmental compliance to joint venture due diligence to be constantly re-evaluated. Stakeholders also require executives to ensure that large projects are executed on schedule, within cost and at quality. Executives have been put under pressure to address business risk because shareholders reward predictable earnings and punish surprises.

FW: Could you provide an insight into some of the key risks in the chemicals sector, such as supply chain security and regulatory compliance?

Lebourgeois: Many of the risk factors that come to mind such as fire, explosion, employee safety, and environmental exposures are actively managed at the plant level. That said, the world we are living in is changing fast, and new and emerging risk issues need to be considered. Increased dependence on key suppliers, risks related to operations in emerging countries, new technologies such as fracking and nanotechnology, political risks and cyber liability are some of the emerging risks that companies need to evaluate and address. Also, the number of studies linking chemical substances to specific diseases and pathologies has increased over the past few years. Non-governmental organisations (NGO) are regularly voicing concerns about the long-term impact of these products, and are using the media to get their message across. Finally, exposure to natural hazards continues to be a significant concern for chemical companies. Although the industry did not experience any major losses over the past few years, and was largely spared from Superstorm Sandy in the US, the potential impact of natural disasters on manufacturing operations and the chemical supply chain could be significant, especially in the Gulf of Mexico, but also in other parts of the world.

Jones: The chemical industry lends itself well to vertical integration because the production of most end-products results from a sequence of processes, starting with raw materials that are transformed into building blocks, which are further processed into chemical intermediates, and finally into end-products that are useful to consumers. However this network of integration also introduces tremendous risk because the supply chain can be disrupted due to intentional attack, natural disaster, spill or contamination. A supply disruption can impact multiple companies and multiple stakeholders. Reliability, traceability and security of supply require companies to examine weak links throughout the entire chain of custody. The chemical industry is already one of the most regulated industries and the regulatory environment is becoming more complex. This places a burden on owners to consistently audit existing facilities for compliance and execute comprehensive due diligence for potential acquisitions. The risk associated with non-compliance can be significant in terms of fines and fees. There are also major elements of risk in the chemical industry related to product price and product availability. In all agreements, parties accept varying degrees of risk based in large part on the terms negotiated in their specific agreement or contract. However, volatility has forced many board members and stakeholders to re-examine their portfolio of contractual arrangements. Producers have eliminated price protection clauses, increased the use of pass through clauses, shifted to spot exposure depending market conditions and added margin protection. Even brownfield or greenfield construction face risk associated with contract management, local laws, close out procedures, design errors, start-up problems, supplier performance, design changes and guarantees. Business leaders are challenged to comprehensively address risk at all levels in the supply chain.

Anderson: Supply chain disruption is a key risk for chemical sector companies. In an increasingly interdependent global economy, a single disruption to a key supplier can impact entire industry sectors and subsectors. Disruptions may stem from myriad causes, including cyber security failures. This was recognised by the National Institute of Standards and Technology in its recently-issued Preliminary Cyber security Framework, which provides a framework for critical infrastructure organisations to achieve a grasp on and improve their cyber security risk profile and risk management practices. The National Institute of Standards and Technology (NIST) points out that although many organisations have robust internal risk management processes in place, there remain challenges related to dependency analysis and information sharing throughout supply chains, leaving organisations vulnerable to penetration and disruption. Also on the issue of cyber security, the chemicals sector is a chief target of cyber espionage, including the theft of a company’s valuable intellectual property by Advanced Persistent Threats or other tactics. The director of the US National Security Agency has stated that ongoing cyber-thefts from the networks of public and private organizations, including Fortune 500 companies, represent “the greatest transfer of wealth in human history”. There can be no doubt that cyber security breaches present a key threat to chemicals sector companies and a real challenge from a risk management standpoint.

FW: In your experience, are chemicals companies allocating enough time, attention and expertise to identifying and managing the risks they face?

Jones: Many companies don’t appreciate the negative economic consequences associated with a poor risk management strategy. Companies that are not fully integrated contract with other companies for the supply of chemical raw materials used in the manufacture of their specific products. This adds a layer of complexity to the network of chemical relationships. The highly interconnected nature of the chemical industry combined with the complex nature of supply agreements means that changes in ownership, company strategy, pricing volatility, profitability, supply disruptions and even new management result in risk and potentially costly litigation.Additionally, chemical companies have had to become leaner and don’t necessarily have resources available to install, execute and manage a comprehensive system. This is also further compounded by the retirement of seasoned industry professionals that appreciate these risks.

Anderson: In my experience, sophisticated chemical industry companies generally have vigorous internal processes in place to identify and manage risks and track developments in ‘real time’ as they occur. Communication and efficient interaction between and among a company’s legal and risk management, and C-Suite personnel as appropriate, is critical in this regard, and many companies have effective formal procedures in place to ensure that each department is aware of the informational needs of the other. NIST’s recently-issued Preliminary Cyber security Framework reflects the importance of efficient and effective communication in identifying and managing risks. NIST has explained that its Framework ‘Core’ is intended to facilitate cyber security and risk management communications within an organisation, including among senior management, middle management and operational staff, and with external stakeholders.

Lebourgeois: The answer is a definite yes. As I’ve said before, managing risk is a core competency in the chemical industry. Most companies have developed a strong safety culture and are spending a lot of resources to protect the safety of their employees, and limiting the impact of their operations on their surrounding communities. Individual efforts, as well as industry standards developed by trade associations, like the American Chemistry Council Responsible Care program, are contributing to making the industry safer. That said, risk management is an area where one has to remain humble. Our fast-paced, constantly changing world, and the fact that ‘we don’t always know what we don’t know’, present great challenges for companies operating on a global scale. At the same time, I believe that the situation presents tremendous opportunities for risk management professionals looking to bring increased value to their organisations. Risk managers need to focus on staying close to their business, and understanding their firm’s corporate strategies and where investments are being made. They also need to stay current on global trends and the overall competitive landscape, as well as the best practices implemented by the most progressive firms in their industry.

FW: How important is for chemicals companies to invest more into their risk management capabilities – particularly in terms of analysing risk using benchmarking tools, hazard models, due diligence, background checks and so on?

Anderson: Although sophisticated chemical industry companies generally have robust risk management capabilities, all companies would profit from a critical assessment regarding whether risk management recourses should be increased in terms of overall funding and dedicated personnel. Even the most talented individuals may be unable to effectively identify and manage risks if recourses are stretched too thin and day-to-day basic insurance roles leave inadequate time for longer-term enterprise risk management. It is critical that an organisation maintain adequate recourses to engage in effective ‘big picture’ enterprise risk management, on a periodic basis, to ensure that risks are identified and managed methodically, not haphazardly. Additional internal personnel or external consultants may be necessary to confirm that risks, including, but by no means limited to, cyber security and political risks such as expropriation and currency inconvertibility, are appreciated and addressed.

Lebourgeois: It is critical for chemical companies to continue to expand their risk management capabilities, while leveraging those of their risk advisors’. Our clients are increasingly expecting that decisions and proposals are backed by hard analytical data and thoughtful analysis. Our approach in this area is to draw on data from our extensive global benchmarking portal, actuarial and statistical analyses, and predictive and scholastic modelling, that look deeper into the data from organisations and industry sectors. The goal is to help our clients better understand their exposures, evaluate program design options and, ultimately, reach the best decisions. In the chemical sector, we have developed a range of specific analytical tools focusing on Total Cost of Risk benchmarking, Risk Bearing capacity, and Vapour Cloud modelling and allowing our clients to make smarter risk financing decisions. How much risk should be retained and how many limits should be purchased are the kinds of questions companies are asking.

Jones: The chemical industry has seen a shift in manufacturing towards geographies that can either take advantage of low cost feedstock, cheaper labour or better demand growth. The rapid consolidation and globalisation in chemicals has resulted in joint ventures and partnerships to minimise risk and minimise capital exposure. However, simply having multiple business partners can introduce risk related to different business strategy and different business practices. The importance of determining the reputation and integrity of a business partner, assessing political risk in new regions and executing comprehensive due diligence are now recognised by chemical companies.Beyond simple due diligence, the chemical industry has started to focus on competitive and defensive intelligence as well as brand protection. However, these are not simply desktop exercises, but often require on ground due diligence by former regulators, prosecutors and law enforcement officials who can quickly determine potentially adverse connections. It also requires former chemical industry professionals that are trained to assess all elements of risk.

FW: For multinational chemicals companies in particular, what additional challenges tend to arise when establishing a risk management framework across the entire enterprise? What advice can you offer on overcoming these challenges?

Lebourgeois: There is no question that it is more challenging for multinational companies to manage their risks on a global scale. The world is increasingly more complex and interconnected than ever. The centre of gravity of many chemical companies has moved away from developed countries, and is now closer to emerging markets such as China. Understanding the local landscape and being able to effectively manage the business locally are critical to the success of these firms. From a risk management standpoint, building a framework that is conducive to meeting the various operational and strategic objectives of the company and, at the same time, addressing the differences in language, culture, and the legal and regulatory environment present tremendous challenges. The risk management framework needs to be embedded deeply into the organisation from a manufacturing, health, safety and environment perspective, to the areas of risk and insurance, finance, and legal — and be integrated into core processes as well. It is also very important for organisations to critically examine their frameworks and processes on a regular basis. Internal and external influences are constant, and a risk management program must be flexible and adaptable to support the needs of the company.

Jones: The process of developing a corporate internal control system is a comprehensive exercise that involves training, monitoring and execution. Experience has taught us that prevention is the best medicine, but for large global conglomerates it is often difficult to objectively check compliance. Many large multinationals have existing risk management policies but fail to execute them in a consistent manner because of internal conflicts or the difficulty in monitoring across regions. There are large companies that have risk management policies in place, but still get fined millions. The best practice is to setup an independent audit committee, outsource a risk management framework and have that framework independently audited and monitored on a consistent basis. For example, Innospec was fined $40m by the Securities and Exchange Commission related to corruption and agreed to retain an external compliance monitor. Contractual risk management and transactional due diligence should also be assessed on a regular basis using seasoned experts.

Anderson: For multinational companies in particular, efficient risk management communications throughout the organisation and effective long-term enterprise risk management are essential. Lack of a cohesive, centralised risk management strategy will present considerable challenges. It is critical for global chemical companies to have a centralised framework in place for reporting of all risks from worldwide operations, for assessing the likelihood that those risks may come to fruition, and for rating the severity of potential exposure if they do. Operations in some countries and in emerging markets pose different and frequently much greater risks. Once an organisation has a centralised focus on the risks, potential liability and exposure, it is well positioned to identify the greatest risks worldwide and to concentrate on managing and mitigating those key risks.

FW: How can companies in this industry improve the way they capture and centralise risk-related data covering technology, governance and operational issues?

Jones: The ability to capture, store and manipulate data is a critical step in executing a risk management information system. The ideal system has a central database that allows companies to report information in a web based system with data entry validation built in. The better tools allow users to focus on reviewing risk management data rather than data compilation and validation. It is important for companies to setup an internal control system and have it reviewed for compliance by an external third party just as companies have their financials audited by a third party on a regular basis. Although risk management tools are invaluable, the failure often lies in execution. We view risk management as a policy and a process that must be monitored.

Anderson: Companies are well advised to establish and keep in place a centralised framework for capturing risks from worldwide operations, for assessing the likelihood that those risks may come to fruition, and for rating the severity of potential exposure if they do. Of course, all sensitive data should be carefully maintained to guard against unauthorized intrusions. In that regard, NIST’s Preliminary Cyber security Framework may be used by any organisation as part of its effort to assess cyber security practices and manage cyber security risk. Also, although the Cybersecurity Framework is voluntary, organisations are advised to keep in mind that creative class action plaintiffs –and even some regulators – may nevertheless assert that the Cybersecurity Framework provides a ‘de facto’ standard for cyber security and risk management.

Lebourgeois: Most chemical companies have implemented robust systems designed to capture operational risk and loss data covering technology, governance, and operational issues. Corporate enterprise-risk protocols typically include a risk registry, schedule of insurance, claim and ‘near-miss’ information, as well as a defined reporting structure that upholds the organisation’s communication standards. These policies not only help develop a structured and well understood risk-based approach to categorise and handle a company’s key information, but also can be very helpful when the company is facing a crisis. These kinds of information are typically presented to the board of directors on a regular basis. Risk management frameworks are also effective when the information they capture is properly reported to key stakeholders. Most companies are engaged in a number of community outreach activities to build strong working relationships with their local communities, including participation in community advisory panels, community surveys, open houses, and web surveys. To help prepare for an emergency, companies conduct drills with local fire departments and response teams. These outreach efforts go a long way in helping the community better understand manufacturing activities, improving transparency, and allowing companies to hear stakeholders’ concerns.

FW: Could you outline some of the negative consequences that a chemicals company might suffer if it fails to adequately manage risk?

Anderson: Companies can suffer very large losses even when they do adequately manage risk. If risk is not adequately managed, the potential consequences may be dramatically worse. If key risks are not appreciated and then insured, or otherwise mitigated, a chemicals company may face a spectrum of extremely negative consequences including loss of market share and capitalisation, loss of consumer confidence, reputational harm, loss of competitive advantage, claims and legal disputes, regulatory non-compliance issues, investigations, fines and penalties, securities class actions and shareholder derivative lawsuits, and even bankruptcy.

Lebourgeois: Considering the nature of the products and processes involved in a typical chemical company, an accident at a chemical facility could have disastrous consequences, including damage to the plant itself, injuries to the employees and contractors, pollution of the soil or water, as well as having an impact on customers and future sales. A catastrophic event could also have a significant impact on a company’s reputation and its shareholders’ confidence. As Warren Buffet once said: “It takes 20 years to build a reputation and five minutes to ruin it.” The ability of chemical companies to deal with a crisis is absolutely critical. In today’s environment, crises can arise from any direction — from traditional risks, like accidents, explosion, natural disasters, and product recalls, to other threats to the business, such as financial or political risks and data breach —and can cause greater damage in a shorter time period than ever before. Increasing stakeholder expectations, combined with faster and broader-based social involvement in monitoring every action, requires strong crisis management capabilities and a process to take bold action to manage adverse situations before they become a crisis. The direct cost of a crisis can run in the tens of millions of dollars, or more. Damage to a company’s brand reputation can cost hundreds of millions of dollars, even billions, in lost market value. Solid reputational risk and crisis management planning has become a benchmark of sound governance.

Jones: We have observed an increase in trade secret litigation, antitrust litigation and international arbitration which can cost companies hundreds of millions of dollars. In most cases these fines and litigation awards could be mitigated with changes in business policy and practice. Chemical companies are increasingly concerned about risk related to Foreign Corrupt Practices Act (FCPA) and UK Bribery acts as well as the potential for expropriation of foreign assets in unstable locations.

FW: What insurance solutions are available to help chemicals companies and their directors & officers (D&Os) mitigate potential risks?

Lebourgeois: While chemical companies have unique risks, including potential environmental and product liabilities that expose the personal assets of the directors and officers leading those organisations, the significant majority of personal exposures are common amongst all publicly traded companies today. Among these exposures are actual or alleged violations of federal and state securities laws, anticompetitive laws and regulations, employment laws and global compliance requirements. The traditional insurance solution for these types of risks has been, and continues to be, risk transfer through the purchase and implementation of directors and officers liability (D&O) and employment practices liability (EPL) insurance policies. While the cost of coverage has firmed over the last 18 months, rates have stabilised in the last couple of quarters, as the overall markets remain robust and competitive with plenty of capacity and room for good coverage negotiation. Currently, of principal interest to global firms and their directors and officers is coverage for regulatory investigations and enforcement actions both for the individual executives. This is generally included in most D&O policies, although for the corporate entity itself, this coverage is not typically included in the majority of D&O policies, unless and during which time there is also a concurrent securities claim pending against individual insureds. Another specific area of interest to directors and officers, in particular, is the maintenance of a separate program for non-idemnifiable D&O coverage known as A-side, difference-in-conditions (ADIC) insurance. This type of D&O policy sits on top of the traditional D&O program and provides exclusive coverage to the insured individuals only for claims that are not indemnifiable by the organisation, or in the event that any of the underlying insurers are unable or wrongfully refuse to indemnify. ADIC insurance works with the traditional, underlying program and also drops down into that program to extend coverage where it may be broader than the underlying terms and conditions. Corporate directors and officers are predisposed to purchasing ADIC insurance as part of their overall program, due to the additional limits and catastrophic coverage it provides.

Jones: There is a wide variety of liability insurance available for directors and officers that cover claims related to managerial decisions related to the company. In most cases boards and investors require D&O insurance to cover claims. We would always recommend D&O insurance because a director can be held liable for actions taken by the company.

Anderson: There are myriad types of insurance products on the market that are available to assist chemical companies and their D&Os in mitigating potential risk and exposure. These include commercial general liability insurance, commercial property insurance, business interruption insurance, and ‘contingent’ business interruption insurance – which generally responds to cover an insured for losses, including lost earnings or revenue, when there is damage to the property or operations of an insured’s supplier, customer or other business partner or entity that the insured relies upon to conduct its own business operations. Cover also includes directors and officers (D&O) insurance, ‘cyber’ insurance, political risk insurance, fidelity and crime insurance, environmental insurance, terrorism insurance, among other coverages. Once a company adequately understands its risk provide and understands key risks, it will be well positioned to purchase appropriate insurance coverage at appropriate limits, or otherwise mitigate risk.

Quincy Jones is a senior director at FTI Consulting. Hehas over 16 years of experience in the chemical industry and has been involved in project evaluation, merger and acquisition support, litigation, arbitration, due diligence, competitor appraisals, intellectual property and strategic planning. Mr Jones holds a B.S. degree in chemical engineering from The Johns Hopkins University and an M.B.A. in finance from Rutgers, The State University of New Jersey.He can be contacted on +1 (713) 353 5416 or by email: quincy.jones@fticonsulting.com.

Roberta Anderson is a partner with K&L Gates LLP. In addition to representing commercial insureds in connection with a wide range of issues and disputes arising under almost every kind of insurance policy, she provides strategic advice to clients on complex underwriting and risk management issues, including the drafting and negotiation of D&O, ‘cyber’-liability, and many other coverages. Ms Anderson can be contacted on +1 (412) 355 6222 or by email: roberta.anderson@klgates.com.

Fabrice Lebourgeois is the North American leader for Marsh’s Chemical Industry Practice. He is responsible for Marsh’s client relationships and oversight of the firm’s chemical book of business. Fabrice leads the development of industry specific products and services and facilitates the collaboration and knowledge sharing within the company to assure seamless, consistent, high-quality service to our chemical clients. Part of his role is to monitor key industry developments and foster dialogue among stakeholders to generate industry insights. Mr Lebourgeois can be contacted on +1 (215) 246 1219 or by email: fabrice.lebourgeois@marsh.com.